IETF Logo Mail Archive

Re: [Idr] Request to adopt draft-heitz-idr-large-community - Working Group Adoption call (9/6 to 9/20)

Ben Maddison <benm@workonline.co.za> Mon, 19 September 2016 21:21 UTC

Return-Path: <benm@workonline.co.za>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8238012B544 for <idr@ietfa.amsl.com>; Mon, 19 Sep 2016 14:21:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.217
X-Spam-Level:
X-Spam-Status: No, score=-4.217 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8_nPLUR1RlVd for <idr@ietfa.amsl.com>; Mon, 19 Sep 2016 14:21:37 -0700 (PDT)
Received: from ex1.workonline.co.za (ex1.workonline.co.za [197.157.92.102]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 51E5512B4EA for <idr@ietf.org>; Mon, 19 Sep 2016 14:21:35 -0700 (PDT)
Received: from EX2.workonline.co.za ([fe80::8572:d946:2c81:17bb]) by ex1.workonline.co.za ([fe80::f84f:93b7:a923:f286%14]) with mapi id 14.02.0387.000; Mon, 19 Sep 2016 23:21:25 +0200
From: Ben Maddison <benm@workonline.co.za>
To: "idr@ietf.org" <idr@ietf.org>
Thread-Topic: [Idr] Request to adopt draft-heitz-idr-large-community - Working Group Adoption call (9/6 to 9/20)
Thread-Index: AQHSEq1y1WK1byxTPk+lQj52zJECDqCBRm1Q
Date: Mon, 19 Sep 2016 21:21:25 +0000
Message-ID: <874E439F335FD742B8D1565730E537E0011C0E204D@ex2.workonline.co.za>
References: <20160914223521.GB15934@pfrc.org> <57DA823D.6020303@foobar.org> <CA+b+ERn3qjOixQBD_XQxMq+t3bhHQSbuJfmwfmWFUMHgOcr68Q@mail.gmail.com> <alpine.DEB.2.02.1609151505290.1477@uplift.swm.pp.se> <CA+b+ERmMfdaGuXb4BcTFGX2Pdr64E-OFCWCGq3o-2X1KHgXP-A@mail.gmail.com> <20160915143220.GQ79185@Space.Net> <m2a8f9cfo9.wl-randy@psg.com> <20160915164803.GI25536@puck.nether.net> <m237l1cdac.wl-randy@psg.com> <CAL9jLaYfmsXEgcjpeChSN7uZ6jTdE7qCeCZAqNhK_6vSb8eewQ@mail.gmail.com> <20160919193850.GD85721@gweep.net>
In-Reply-To: <20160919193850.GD85721@gweep.net>
Accept-Language: en-ZA, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [82.132.231.228]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/KmZkgA9yaGCFhpW2nPU1JAFATj4>
Cc: "Frank Habicht (geier@geier.ne.tz)" <geier@geier.ne.tz>, Nishal Goburdhan <nishal@inx.net.za>, Michuki Mwangi <mwangi@isoc.org>
Subject: Re: [Idr] Request to adopt draft-heitz-idr-large-community - Working Group Adoption call (9/6 to 9/20)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Sep 2016 21:21:40 -0000

Hi all,

Thanks for all the contributions so far.

I'd like to echo the support for this proposal already voiced.
We operate a transit network, and define multiple informational and action communities for signaling policy to/from our customers and peers.
As it stands, the primary shortcoming in this scheme is our inability to indicate scope of a 4B ASN. This proposal fixes that simply and elegantly, and does not break any elements of our existing deployment.

It is trivial to map our current community namespace into a new enlarged namespace, thus providing a migration path that can remain in a transitional state for as long as necessary.
I would point out that this operational simplicity derives from the fact that the handling of the proposed attribute is the same as the current std. community attribute in every respect other than length - in particular transitivity. Without this, one cannot use both short and long communities to express a single policy during transition.

As others have pointed out, the same issue is felt acutely by holders of 4B ASN and by route server operators.
In the Afrinic numbers region, the community has even resorted to what can only be described as a "resource policy hack" [1] that reserves the remaining pool of 2B ASNs for allocation to IXP RS operators, so that they can define per-peer policy communities. Even this measure of course does not help where IXP participants have 4B ASNs.
Fixing operational problems with Internet standards is clearly not the proper role of resource policy, and highlights the brokenness of the status quo, whereby we are unable to agree on a reasonable protocol based solution to an immediate protocol related problem.
I have copied the authors of that policy, all of whom operate IXPs in our region, in case they would like to add their thoughts. 

[1] http://afrinic.net/en/library/policies/1423-afpub-2014-gen-004-draft-03 

Ben Maddison

Director
Workonline Communications (Pty) Ltd

Office:     +27 (0) 21 200 9000
Mobile:   +27 (0) 82 415 5545
Email:      benm@workonline.co.za
SIP:          benm@workonline.co.za



-----Original Message-----
From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Joe Provo
Sent: Monday, September 19, 2016 10:39 PM
To: idr@ietf.org
Subject: Re: [Idr] Request to adopt draft-heitz-idr-large-community - Working Group Adoption call (9/6 to 9/20)


TL;DR - forward motion on -large would prevent making networks deploying 32b today ASNs as second-class citizens^Wcarriers of the global Internet.


On Thu, Sep 15, 2016 at 02:03:06PM -0400, Christopher Morrow wrote:
> (shortcut; I'd like to see -large get finished, some reasoning below)
> 
> On Thu, Sep 15, 2016 at 12:56 PM, Randy Bush <randy@psg.com> wrote:
> 
> > is
> >     0                   1                   2                   3
> >     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
> >    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >    |                      Autonomous System number                 |
> >    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >    |                          Local Data Part 1                    |
> >    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >    |                          Local Data Part 2                    |
> >    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >
> > sufficient?  that is a binary question.  i am interested in answers 
> > from operators such as nick, gert, ...
> >
> > iff your answer is "no," what would be sufficient?
> >
> 
> I'll bite... So, it seems to me that a minimum answer for 
> compatibility going forward is 4:4, it also seems that if we're adding 
> more bits to this,
> 4:8 is attractive for some of the use-cases Jared brings up above.
> 
> The -large option seems like a good step to bring parity to 
> tooling/etc that we use today in the network.
[snip]

What my colleague says regarding parity is critical. We may not *like* the existing tools, approaches, or configuration management (and many parties are seeking to correct this), but the operations end of the Internet requires forward progress with the least friction. A more thorough rethinking of communicating routing policies is a laudable goal, but that's not something we'll see in the near-term.

As Nick observed, the well of 16b ASNs is dry at the source. When the RIRs are unable to fulfill requests, we'll see operators of 32b ASNs forced to abandon best current practices in policy signaling (the danger of overloading private-ASN signaling and making stripping errors or re-writes have already been raised) or find some means of obtaining 16b ASNs.  Flatly, any such with BGP downstreams will be forced to have substandard offerings to their customers and the collective we are affecting their business offering.

Many of the relevant points have been touched on by others, most notably the common framework indicated by Martijn. In a comment, Jared pointed to the elegance of "<actor>:<target>:<action>" signals.
I would take that a step further to say empowering that simplicity would increase stability of the Internet. In Martijn's excellent policy framework summary, one of the footnote-referred websites might not be familiar to non-operators: https://onestep.net/communities/ This site is a compilation of various provider community lists, not always published to non-customers, and a fairly important reference for those crafting announcements or diagnosing what happened to a prefix or traffic. If you pick a few at random, you'll note that any which are providing action (and not just documenting origin) need to define their own format and action look-up table. Human touching/configuring devices are known to be the root of most inter-provider turbulence; humans have been known to set the policy matching provider A's LUT on provider B's session, sometimes with bad results. Setting the stage to reduce complexity in this realm by providing the bitspace for a simple, uniform "<actor>:<target>:<action>" signal would increase stability as it was adopted.

The need is real and imminent. There are multiple implementations of the proposal. A chorus of people facing these issues on a daily basis support the proposal.  Let us please move forward.

Cheers!

Joe


-- 
        RSUC / GweepNet / Spunk / FnB / CotSG / Usenix / NANOG

_______________________________________________
Idr mailing list
Idr@ietf.org
https://www.ietf.org/mailman/listinfo/idr

v2.23.0 | Report a Bug | By Email